Skip to content

Hide Navigation Hide TOC

Matryoshka (eeb700ea-2819-46f4-936d-f7592f20dedc)

Matryoshka is a malware framework used by CopyKittens that consists of a dropper, loader, and RAT. It has multiple versions; v1 was seen in the wild from July 2016 until January 2017. v2 has fewer commands and other minor differences. [ClearSky Wilted Tulip July 2017] [CopyKittens Nov 2015]

Cluster A Galaxy A Cluster B Galaxy B Level
Matryoshka (eeb700ea-2819-46f4-936d-f7592f20dedc) Tidal Software CopyKittens (6a8f5eca-8ecc-4bff-9c5f-5380e044ed5b) Tidal Groups 1